WHAT IS CLAIMED IS:

1. A method for maintaining policy compliance on a computer network,
comprising the steps of: 

electronically monitoring network user compliance with a network security 
policy stored in a database; 

electronically evaluating network security policy compliance based on the 
network user compliance; and 

electronically undertaking a network policy compliance action in response to the 
network security policy compliance. 

2. The method of claim 1, wherein the evaluating step comprises the steps of:

electronically generating a network security policy compliance value based on 
monitoring network user compliance for a plurality of network users; 

electronically comparing the compliance value to a target compliance value, 
wherein the target compliance value defines a baseline for network security policy 
compliance; and 

wherein the undertaking step is based on a difference between the compliance 
value and the target compliance value. 

3. The method of claim 2, wherein the compliance action is selected from a 
group comprising: 

electronically implementing a different network security policy selected from 
network security policies stored in the database; 

generating policy effectiveness reports; and

providing a retraining module to network users.

4. The method of claim 1, further comprising the step of electronically
undertaking a user compliance action in response to monitoring network user 
compliance. 

5. The method of claim 4, wherein the evaluating step comprises the steps of:

generating a network security policy compliance value based on monitoring 
network user compliance; and 

comparing the compliance value to a target compliance value, wherein the target 
compliance value defines a baseline for network security policy compliance; and 

wherein the undertaking step is based on a difference between the compliance 
value and the target compliance value. 

6. The method of claim 5, wherein the user compliance action is selected 
from a group comprising: 

notifying a network user; 

notifying a policy administrator; 

providing a retraining module to the network user; and 

restricting the network user's network access rights. 

7. The method of claim 3, wherein each network security policy has a 
security level identifier identifying the relative restrictiveness of the policy, wherein the 
implementing step includes the step of electronically selecting a network security policy 
based on the security level identifier. 



8. The method of claim 1, further comprising the step of interactively 
generating a network security policy, the generating step comprising the steps of: 

electronically providing a suggested network security policy to a plurality of 
network users; 

electronically receiving a modified network security policy from at least one of 
the network users; 

electronically providing at least one of the modified policies to the network 
users; and 

receiving a group modified policy from the network users. 

9. The method of claim 1, wherein the monitoring step further comprises
the steps of:

electronically providing a network policy exam to a network user;

electronically receiving exam answers from the network user;

electronically evaluating the exam results to generate an evaluation score;

notifying the network user of the evaluation score; and

storing the evaluation score in a database.

10. The method of claim 1, wherein the network security policy comprises:

a network hardware policy;

an email policy; 

an internet policy; 

a software license policy; 

a document management system policy; and 

a network security enforcement policy. 



11. An apparatus for maintaining policy compliance on a computer network, 
the apparatus comprising: 

a computer system comprising at least one processor and at least one memory, 
the computer system being adapted and arranged for: 

(a) electronically monitoring network user compliance with a network 
security policy stored in a database; 

(b) electronically evaluating network security policy compliance based on 
the network user compliance; and 

(c) electronically undertaking a network policy compliance action in 
response to the network security policy compliance. 

12. An article of manufacture for maintaining policy compliance on a 
computer network, the article of manufacture comprising a computer-readable storage 
medium having a computer program embodied therein that causes the computer 
network to perform the steps of: 

electronically monitoring network user compliance with a network security 
policy stored in a database; 

electronically evaluating network security policy compliance based on the 
network user compliance; and 

electronically undertaking a network policy compliance action in response to the 
network security policy compliance. 



